Windows cannot access the registry policy file.
UserEnv experienced an error applying Group Policy to the domain controller. Group Policy must be applied successfully for domain controllers to function properly because domain controllers get several critical permissions, such as Access this computer from network, through policy.
Because of the architecture of UserEnv, Microsoft Operations Manager (MOM) is unable to directly report the specific problem.
Sample Event:
Windows cannot access the registry policy file, %1. (%2).
Either the Registry.pol file is not accessible on SYSVOL or the file is corrupt.
To enable UserEnv logging, see Knowledge Base article 221833, “How to Enable User Environment Debug Logging in Retail Builds of Windows” at http://go.microsoft.com/fwlink/?LinkId=25636. The log file provides details for the specific error.
Target | Microsoft.Windows.Server.2012.R2.AD.DomainControllerRole |
Category | EventCollection |
Enabled | True |
Event_ID | 1096 |
Event Source | Microsoft-Windows-GroupPolicy |
Alert Generate | False |
Remotable | True |
Event Log | System |
Comment | Mom2005ID='{CB3B49B4-5DCB-4144-A56E-884946B70617}';MOM2005GroupID= |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Windows.EventProvider | Default |
CollectEventData | WriteAction | Microsoft.SystemCenter.CollectEvent | Default |
CollectEventDataWarehouse | WriteAction | Microsoft.SystemCenter.DataWarehouse.PublishEventData | Default |
<Rule ID="The_registry_policy_file_could_not_be_accessed_during_application_of_machine_policy_5_Rule" Comment="Mom2005ID='{CB3B49B4-5DCB-4144-A56E-884946B70617}';MOM2005GroupID=" Enabled="true" Target="AD2012R2Core!Microsoft.Windows.Server.2012.R2.AD.DomainControllerRole" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>System</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>1096</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>Microsoft-Windows-GroupPolicy</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="CollectEventData" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>
<WriteAction ID="CollectEventDataWarehouse" TypeID="SCDW!Microsoft.SystemCenter.DataWarehouse.PublishEventData"/>
</WriteActions>
</Rule>